Add Cloudflare automation, ngrok tunnel, fix Dockerfiles

- Ansible cloudflare.yml: DNS, SSL, HSTS, Brotli, bot fight, SEO bots allow - Vault: add cloudflare_zone_id - Workflow: run cloudflare config before deploy - docker-compose-dev: add ngrok tunnel, vault, minio - Ngrok sync script: writes OUTSIDE_URL to .env.local - Fix Dockerfiles: remove mbstring/xml (built-in PHP 8.4), fix libfreetype-dev - Makefile: maintenance_on/off, clear_prod - Playbook: stop_prod, install_prod, start_prod, migrate, clear steps Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 21:06:11 +01:00
parent 507500e20d
commit e3de0da1bf
7 changed files with 266 additions and 13 deletions
--- a/docker/ngrok/sync.sh
+++ b/docker/ngrok/sync.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+set -e
+
+echo "Waiting for ngrok to start..."
+sleep 5
+
+NGROK_URL=""
+RETRIES=10
+
+while [ -z "$NGROK_URL" ] && [ "$RETRIES" -gt 0 ]; do
+    NGROK_URL=$(curl -s http://ngrok:4040/api/tunnels | grep -o '"public_url":"https://[^"]*"' | head -1 | cut -d'"' -f4)
+    if [ -z "$NGROK_URL" ]; then
+        echo "Waiting for tunnel..."
+        sleep 2
+        RETRIES=$((RETRIES - 1))
+    fi
+done
+
+if [ -z "$NGROK_URL" ]; then
+    echo "ERROR: Could not get ngrok URL"
+    exit 1
+fi
+
+touch /app/.env.local
+sed -i '/^OUTSIDE_URL=/d' /app/.env.local
+echo "OUTSIDE_URL=$NGROK_URL" >> /app/.env.local
+
+echo "Ngrok URL: $NGROK_URL"
+echo "Written to .env.local"
--- a/docker/php/dev/Dockerfile
+++ b/docker/php/dev/Dockerfile
@@ -8,7 +8,7 @@ RUN apt-get update && apt-get install -y \
    libicu-dev \
    libpng-dev \
    libjpeg-dev \
-    libfreetype6-dev \
+    libfreetype-dev \
    libmagickwand-dev \
    unzip \
    && rm -rf /var/lib/apt/lists/*
@@ -19,9 +19,7 @@ RUN docker-php-ext-configure gd --with-freetype --with-jpeg \
    pdo_pgsql \
    pdo_sqlite \
    zip \
-    xml \
    intl \
-    mbstring \
    gd

 RUN pecl install redis imagick \
--- a/docker/php/prod/Dockerfile
+++ b/docker/php/prod/Dockerfile
@@ -8,7 +8,7 @@ RUN apt-get update && apt-get install -y \
    libicu-dev \
    libpng-dev \
    libjpeg-dev \
-    libfreetype6-dev \
+    libfreetype-dev \
    libmagickwand-dev \
    unzip \
    && rm -rf /var/lib/apt/lists/*
@@ -19,9 +19,7 @@ RUN docker-php-ext-configure gd --with-freetype --with-jpeg \
    pdo_pgsql \
    pdo_sqlite \
    zip \
-    xml \
    intl \
-    mbstring \
    gd \
    opcache